Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ffce0e-c3ad-4c8a-9914-745cde74d01b/1/weLUCXrU6rSSTevLV-n4BbyucUA.roa
File:                     weLUCXrU6rSSTevLV-n4BbyucUA.roa (raw, json)
Hash identifier:          MMqADUx+yPeNCH+olqyg6TefHhTepekADlfGxwu+Pzg=
Subject key identifier:   C1:E2:D4:09:7A:D4:EA:B4:92:4D:EB:CB:57:E9:F8:05:BC:AE:71:40
Certificate issuer:       /CN=9439193aef1fe4d5703cb834df7aabaf8a4be42c
Certificate serial:       0185A147A4E45F3D7D4E0D11AB194D30B6C4
Authority key identifier: 94:39:19:3A:EF:1F:E4:D5:70:3C:B8:34:DF:7A:AB:AF:8A:4B:E4:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lDkZOu8f5NVwPLg033qrr4pL5Cw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/ffce0e-c3ad-4c8a-9914-745cde74d01b/1/weLUCXrU6rSSTevLV-n4BbyucUA.roa
Signing time:             Wed 11 Jan 2023 14:41:45 +0000
ROA not before:           Wed 11 Jan 2023 14:41:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200370
IP address blocks:        45.8.163.0/24 maxlen: 24
                          45.8.160.0/22 maxlen: 22
                          45.8.160.0/24 maxlen: 24
                          45.8.161.0/24 maxlen: 24
                          45.8.162.0/24 maxlen: 24
                          193.56.107.0/24 maxlen: 24
                          193.56.118.0/24 maxlen: 24
                          194.60.210.0/23 maxlen: 23
                          194.60.208.0/22 maxlen: 22
                          194.60.210.0/24 maxlen: 24
                          194.60.211.0/24 maxlen: 24
                          194.60.208.0/23 maxlen: 23
                          194.60.208.0/24 maxlen: 24
                          194.60.209.0/24 maxlen: 24
                          193.56.59.0/24 maxlen: 24
                          193.56.61.0/24 maxlen: 24
                          2a05:cac0::/29 maxlen: 29
                          2a12:93c0::/29 maxlen: 29
                          2a0f:51c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:a1:47:a4:e4:5f:3d:7d:4e:0d:11:ab:19:4d:30:b6:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9439193aef1fe4d5703cb834df7aabaf8a4be42c
        Validity
            Not Before: Jan 11 14:41:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c1e2d4097ad4eab4924debcb57e9f805bcae7140
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:31:91:58:87:3b:8d:66:8c:80:e8:4a:eb:b2:
                    bd:a2:6b:13:f0:f4:f7:20:70:f1:58:ee:96:f0:76:
                    2b:19:f2:9e:f5:f0:f3:f7:ce:74:3c:84:03:06:eb:
                    29:71:41:7d:ba:8a:33:22:07:40:de:4a:86:71:89:
                    70:fc:9e:4d:d6:00:37:01:b3:4e:61:c5:70:35:7f:
                    ce:23:b1:57:40:da:2d:17:b7:eb:c2:78:9b:dd:f6:
                    3c:5b:5b:11:3d:cc:36:85:18:23:ad:ee:84:e6:0b:
                    2f:a7:ee:e8:f8:c4:aa:9c:ba:44:29:e6:d1:8b:3e:
                    b7:01:1b:fb:3d:0c:69:fc:11:3a:6b:bf:b6:9f:05:
                    b1:08:1d:83:c6:e1:03:5e:38:71:1d:e6:33:7f:cf:
                    6a:3b:18:a4:17:b3:4a:2f:bf:80:20:14:65:3b:0c:
                    3e:c1:b1:fc:f9:64:18:93:07:b1:ba:87:6e:ae:13:
                    6b:b9:30:5c:d9:19:bd:14:75:f0:59:39:9b:f4:02:
                    55:83:fc:40:fe:8d:3b:7d:35:51:0b:65:7a:03:e3:
                    86:68:cf:7f:a4:7c:ab:a0:01:ae:c4:34:9d:0d:f9:
                    a6:b6:f0:e4:6f:f6:9b:fe:6b:b4:8e:f9:71:23:0c:
                    28:be:4e:4a:b0:6d:15:3c:a5:c0:37:2b:27:f2:11:
                    a8:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:E2:D4:09:7A:D4:EA:B4:92:4D:EB:CB:57:E9:F8:05:BC:AE:71:40
            X509v3 Authority Key Identifier:
                keyid:94:39:19:3A:EF:1F:E4:D5:70:3C:B8:34:DF:7A:AB:AF:8A:4B:E4:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lDkZOu8f5NVwPLg033qrr4pL5Cw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ffce0e-c3ad-4c8a-9914-745cde74d01b/1/weLUCXrU6rSSTevLV-n4BbyucUA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ffce0e-c3ad-4c8a-9914-745cde74d01b/1/lDkZOu8f5NVwPLg033qrr4pL5Cw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.160.0/22
                  193.56.59.0/24
                  193.56.61.0/24
                  193.56.107.0/24
                  193.56.118.0/24
                  194.60.208.0/22
                IPv6:
                  2a05:cac0::/29
                  2a0f:51c0::/29
                  2a12:93c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         0e:07:48:4e:33:02:36:f3:a4:c7:72:3d:2c:95:b5:fe:48:d1:
         df:82:e0:86:82:c9:f4:ba:5e:11:b3:ba:8a:cc:ff:9d:b3:3f:
         72:58:bb:90:5a:3a:26:39:79:e0:6e:48:77:ae:68:b3:6c:40:
         c2:54:94:2b:67:24:8d:fd:bd:df:ac:d7:e8:c3:a7:b4:10:7d:
         51:3c:b8:d8:8d:93:cb:8e:c6:a1:6a:d6:da:4c:cc:48:a4:56:
         40:57:ed:5e:9e:d5:3e:07:d9:40:1f:db:4d:8a:80:30:a9:a7:
         32:33:37:e8:48:2a:99:cb:ee:fd:e0:06:02:86:66:24:3a:f1:
         fb:24:a9:d9:fc:86:9b:4d:b8:72:77:73:99:32:7b:eb:6d:23:
         36:58:02:ac:77:ae:78:93:cd:aa:84:6a:e2:c8:44:84:7b:f9:
         67:24:77:56:98:74:59:61:3d:6f:1a:f7:92:5f:8d:20:ed:0b:
         4d:40:23:d6:62:da:18:99:4a:8c:cb:5a:33:25:73:4c:7a:e2:
         53:ff:e2:66:e4:b5:3d:db:ea:d1:da:35:3b:df:2c:43:e4:28:
         f0:6c:c6:6c:8c:88:22:85:aa:4c:76:97:db:59:10:a8:5f:8c:
         c6:f2:4b:c1:2c:2c:b8:6b:7e:b5:58:c3:14:f4:ce:d4:82:9e:
         ba:47:75:ad
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYWhR6TkXz19Tg0RqxlNMLbEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MzkxOTNhZWYxZmU0ZDU3MDNjYjgzNGRmN2FhYmFmOGE0
YmU0MmMwHhcNMjMwMTExMTQ0MTQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWUyZDQwOTdhZDRlYWI0OTI0ZGViY2I1N2U5ZjgwNWJjYWU3MTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTGRWIc7jWaMgOhK67K9omsT8PT3
IHDxWO6W8HYrGfKe9fDz9850PIQDBuspcUF9uoozIgdA3kqGcYlw/J5N1gA3AbNO
YcVwNX/OI7FXQNotF7frwnib3fY8W1sRPcw2hRgjre6E5gsvp+7o+MSqnLpEKebR
iz63ARv7PQxp/BE6a7+2nwWxCB2DxuEDXjhxHeYzf89qOxikF7NKL7+AIBRlOww+
wbH8+WQYkwexuodurhNruTBc2Rm9FHXwWTmb9AJVg/xA/o07fTVRC2V6A+OGaM9/
pHyroAGuxDSdDfmmtvDkb/ab/mu0jvlxIwwovk5KsG0VPKXANysn8hGoRQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFMHi1Al61Oq0kk3ry1fp+AW8rnFAMB8GA1UdIwQY
MBaAFJQ5GTrvH+TVcDy4NN96q6+KS+QsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbERrWk91OGY1TlZ3UExnMDMzcXJyNHBMNUN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9mZmNlMGUtYzNhZC00YzhhLTk5MTQt
NzQ1Y2RlNzRkMDFiLzEvd2VMVUNYclU2clNTVGV2TFYtbjRCYnl1Y1VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9mZmNlMGUtYzNhZC00YzhhLTk5MTQtNzQ1Y2RlNzRkMDFi
LzEvbERrWk91OGY1TlZ3UExnMDMzcXJyNHBMNUN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQCLQigAwQA
wTg7AwQAwTg9AwQAwThrAwQAwTh2AwQCwjzQMBsEAgACMBUDBQMqBcrAAwUDKg9R
wAMFAyoSk8AwDQYJKoZIhvcNAQELBQADggEBAA4HSE4zAjbzpMdyPSyVtf5I0d+C
4IaCyfS6XhGzuorM/52zP3JYu5BaOiY5eeBuSHeuaLNsQMJUlCtnJI39vd+s1+jD
p7QQfVE8uNiNk8uOxqFq1tpMzEikVkBX7V6e1T4H2UAf202KgDCppzIzN+hIKpnL
7v3gBgKGZiQ68fskqdn8hptNuHJ3c5kye+ttIzZYAqx3rniTzaqEauLIRIR7+Wck
d1aYdFlhPW8a95JfjSDtC01AI9Zi2hiZSozLWjMlc0x64lP/4mbktT3b6tHaNTvf
LEPkKPBsxmyMiCKFqkx2l9tZEKhfjMbyS8EsLLhrfrVYwxT0ztSCnrpHda0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:01 2024 by rpki-client on console-ams.rpki-client.org